Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication - kgretzky/evilginx2

Hi everyone, today I will talk about an interesting account takeover flaw which I found around a year back. The root cause of this issue…

PHP: mime types (array format). GitHub Gist: instantly share code, notes, and snippets.

This article discloses exploitation of CVE-2019-18683, which refers to multiple five-year-old race conditions in the V4L2 subsystem of the Linux kernel. I found and fixed them at the end of 2019. Here I'm going to describe a PoC exploit for x86_64 that gains…

Writeup how to reverse elf binaries and solve pwnable.tw challenge 4

Slide decks from my conference presentations. Contribute to maddiestone/ConPresentations development by creating an account on GitHub.

articles. Contribute to blaCCkHatHacEEkr/PENTESTING-BIBLE development by creating an account on GitHub.

We’re back and ready to implement new sources and sinks in Part 2 of Finding CWE-369: Divide By Zero bugs with Binary Ninja.

Recursive DNS Subdomain Enumerator with dead-end avoidance system (BETA) - MilindPurswani/Syborg

Master CTF Challenges with binary, web, forensics & reversing walkthroughs. Practical pentesting skills through capture-the-flag solutions.

A few months ago I identified a security issue in Firefox known as CVE-2019-17016. During analysis of the issue, I’ve come up with a new technique of CSS data exfiltration in Firefox via a single injection point which I’m going to share in this blog post.

Source: SANS Penetration Testing 

As RedTeaming has grown with the industry, so has our need to build dependable environments. In keeping with the cat-and-mouse game we find ourselves in, it's essential to possess the capability of maintaining robust infrastructure which can be recreated…